package com.openspring.platform.controller;

import java.util.Map;
import javax.annotation.Resource;
//import org.apache.shiro.authz.annotation.Logical;
//import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import com.openspring.framework.common.Paging;
import com.openspring.framework.controller.GenericController;
import com.openspring.framework.tree.Node;
import com.openspring.framework.util.MD5Utils;
import com.openspring.framework.util.ResultUtils;
import com.openspring.framework.util.ShiroUtils;
import com.openspring.platform.model.User;
import com.openspring.platform.service.UserService;

@Controller
@RequestMapping("user")
public class UserController extends GenericController<User, Long>{

	private UserService userService;

	@Resource(name="userService")
	public void setUserService(UserService userService) {
		super.setGenericService(userService);
		this.userService = userService;
	}
	
	@RequestMapping(value="/create", method=RequestMethod.POST)
	@ResponseBody
	//@RequiresPermissions(value="user:create")
	public Map<String, Object> create(@ModelAttribute User entity) {
		entity.setPassword(MD5Utils.encrypt(entity.getLoginName()));
		userService.create(entity);
		return ResultUtils.data(entity);
	}

	@RequestMapping(value="/modify", method=RequestMethod.POST)
	@ResponseBody
	//@RequiresPermissions(value="user:modify")
	public Map<String, Object> modify(@ModelAttribute User entity) {
		userService.modify(entity);
		return ResultUtils.data(entity);
	}
	
	@RequestMapping(value="/remove", method=RequestMethod.POST)
	@ResponseBody
	//@RequiresPermissions(value="user:remove")
	public Map<String, Object> remove(@RequestParam("id") Long[] id) {
		if(id.length == 1)
			userService.remove(id[0]);
		else
			userService.remove(id);
		return ResultUtils.success();
	}
	
	@RequestMapping(value="/load/{id}", method=RequestMethod.GET)
	@ResponseBody
	//@RequiresPermissions(value={"user:read", "user:modify"} ,logical=Logical.OR)
	public Map<String, Object> load(@PathVariable("id") Long id) {
		return ResultUtils.data(userService.load(id));
	}
	
	@RequestMapping(value="/list", method=RequestMethod.GET)
	@ResponseBody
	//@RequiresPermissions(value="user")
	public Map<String, Object> list(
			@ModelAttribute Paging paging,
			@RequestParam(value="filter", required=false) String filter,
			@RequestParam(value="sort", required=false) String sort) {
		
		return this.doQuery(paging, filter, sort);
	}
	
	@RequestMapping(value="/tree", method=RequestMethod.GET)
	@ResponseBody
	public Node tree() {
		return userService.getDeptUserTree();
	}
	
	@RequestMapping(value="/change", method=RequestMethod.POST)
	@ResponseBody
	public Map<String, Object> change(@RequestParam("password") String password, @RequestParam("password1") String password1, @RequestParam("password2") String password2) {
		if(!password1.equals(password2)) {
			return ResultUtils.failure("新密码和确认密码必须相同");
		}
		ShiroUtils.getUser().getId();
		User user = userService.get(ShiroUtils.getUser().getLoginName(), password);
		if(user == null) {
			return ResultUtils.failure("密码错误");
		}
		userService.modifyPassword(user.getId(), password2);
		return ResultUtils.success();
	}
}